• Accueil
  • sspmod_saml_Auth_Source_SP

PHP Class sspmod_saml_Auth_Source_SP, simplesamlphp

Inheritance: extends SimpleSAML_Auth_Source
Afficher le fichier Open project: simplesamlphp/simplesamlphp Class Usage Examples

Méthodes publiques

Méthode Description
__construct ( array $info, array $config ) Constructor for SAML SP authentication source.
askForIdPChange ( array &$state ) Ask the user to log out before being able to log in again with a different identity provider. Note that this method is intended for instances of SimpleSAMLphp running as a SAML proxy, and therefore acting both as an SP and an IdP at the same time.
authenticate ( &$state ) Start login.
getEntityId ( ) : string Retrieve the entity id of this SP.
getIdPMetadata ( string $entityId ) : SimpleSAML_Configuration Retrieve the metadata of an IdP.
getMetadata ( ) : SimpleSAML_Configuration Retrieve the metadata of this SP.
getMetadataURL ( ) : string Retrieve the URL to the metadata of this SP.
handleLogout ( string $idpEntityId ) Handle a logout request from an IdP.
handleResponse ( array $state, string $idp, array $attributes ) Handle a response from a SSO operation.
handleUnsolicitedAuth ( string $authId, array $state, string $redirectTo ) Handle an unsolicited login operations.
logout ( array &$state ) Start logout operation.
onProcessingCompleted ( array $authProcState ) Called when we have completed the procssing chain.
reauthLogout ( array $state ) Log the user out before logging in again.
reauthPostLogin ( array $state ) Complete login operation after re-authenticating the user on another IdP.
reauthPostLogout ( SimpleSAML_IdP $idp, array $state ) Post-logout handler for re-authentication.
reauthenticate ( array &$state ) Re-authenticate an user.
sendSAML2AuthnRequest ( array &$state, SAML2\Binding $binding, AuthnRequest $ar ) Function to actually send the authentication request.
startSLO2 ( array &$state ) Start a SAML 2 logout operation.
startSSO ( string $idp, array $state ) Send a SSO request to an IdP.

Private Methods

Méthode Description
startDisco ( array $state ) Start an IdP discovery service operation.
startSSO1 ( SimpleSAML_Configuration $idpMetadata, array $state ) Send a SAML1 SSO request to an IdP.
startSSO2 ( SimpleSAML_Configuration $idpMetadata, array $state ) Send a SAML2 SSO request to an IdP.

Method Details

__construct() public méthode

Constructor for SAML SP authentication source.
public __construct ( array $info, array $config )
$info array Information about this authentication source.
$config array Configuration.

askForIdPChange() public static méthode

This method will never return.
public static askForIdPChange ( array &$state )
$state array The state array. The following keys must be defined in the array: - 'saml:sp:IdPMetadata': a SimpleSAML_Configuration object containing the metadata of the IdP that authenticated the user in the current session. - 'saml:sp:AuthId': the identifier of the current authentication source. - 'core:IdP': the identifier of the local IdP. - 'SPMetadata': an array with the metadata of this local SP.

authenticate() public méthode

This function saves the information about the login, and redirects to the IdP.
public authenticate ( &$state )

getEntityId() public méthode

Retrieve the entity id of this SP.
public getEntityId ( ) : string
Résultat string The entity id of this SP.

getIdPMetadata() public méthode

Retrieve the metadata of an IdP.
public getIdPMetadata ( string $entityId ) : SimpleSAML_Configuration
$entityId string The entity id of the IdP.
Résultat SimpleSAML_Configuration The metadata of the IdP.

getMetadata() public méthode

Retrieve the metadata of this SP.
public getMetadata ( ) : SimpleSAML_Configuration
Résultat SimpleSAML_Configuration The metadata of this SP.

getMetadataURL() public méthode

Retrieve the URL to the metadata of this SP.
public getMetadataURL ( ) : string
Résultat string The metadata URL.

handleLogout() public méthode

Handle a logout request from an IdP.
public handleLogout ( string $idpEntityId )
$idpEntityId string The entity ID of the IdP.

handleResponse() public méthode

Handle a response from a SSO operation.
public handleResponse ( array $state, string $idp, array $attributes )
$state array The authentication state.
$idp string The entity id of the IdP.
$attributes array The attributes.

handleUnsolicitedAuth() public static méthode

This method creates a session from the information received. It will then redirect to the given URL. This is used to handle IdP initiated SSO. This method will never return.
public static handleUnsolicitedAuth ( string $authId, array $state, string $redirectTo )
$authId string The id of the authentication source that received the request.
$state array A state array.
$redirectTo string The URL we should redirect the user to after updating the session. The function will check if the URL is allowed, so there is no need to manually check the URL on beforehand. Please refer to the 'trusted.url.domains' configuration directive for more information about allowing (or disallowing) URLs.

logout() public méthode

Start logout operation.
public logout ( array &$state )
$state array The logout state.

onProcessingCompleted() public static méthode

Called when we have completed the procssing chain.
public static onProcessingCompleted ( array $authProcState )
$authProcState array The processing chain state.

reauthLogout() public static méthode

This method will never return.
public static reauthLogout ( array $state )
$state array The state array.

reauthPostLogin() public static méthode

Complete login operation after re-authenticating the user on another IdP.
public static reauthPostLogin ( array $state )
$state array The authentication state.

reauthPostLogout() public static méthode

This method will never return.
public static reauthPostLogout ( SimpleSAML_IdP $idp, array $state )
$idp SimpleSAML_IdP The IdP we are logging out from.
$state array

reauthenticate() public méthode

This function is called by the IdP to give the authentication source a chance to interact with the user even in the case when the user is already authenticated.
public reauthenticate ( array &$state )
$state array

sendSAML2AuthnRequest() public méthode

This function does not return.
public sendSAML2AuthnRequest ( array &$state, SAML2\Binding $binding, AuthnRequest $ar )
$state array
$binding SAML2\Binding The binding.
$ar SAML2\AuthnRequest The authentication request.

startSLO2() public méthode

Start a SAML 2 logout operation.
public startSLO2 ( array &$state )
$state array The logout state.

startSSO() public méthode

Send a SSO request to an IdP.
public startSSO ( string $idp, array $state )
$idp string The entity ID of the IdP.
$state array The state array for the current authentication.